Authentication and Key Management in Distributed IoT using Blockchain Technology

The exponential growth in the number of connected devices as well as the data produced from these devices call for a secure and efficient access control mechanism that can ensure the privacy of both users and data. Most of the conventional key management mechanisms depend upon a trusted third party like a registration center or key generation center for the generation and management of keys. Trusting a third party has its own ramifications and results in a centralized architecture; therefore, this article addresses these issues by designing a Blockchain-based distributed IoT architecture that uses hash chains for secure key management. The proposed architecture exploits the key characteristics of the Blockchain technology, such as openness, immutability, traceability, and fault tolerance, to ensure data privacy in IoT scenarios and, thus, provides a secure environment for communication. This article also proposes a scheme for secure and efficient key generation and management for mutual authentication between communication entities. The proposed scheme uses a one-way hash chain technique to provide a set of public and private key pairs to the IoT devices that allow the key pairs to verify themselves at any time. Experimental analysis confirms the superior performance of the proposed scheme to the conventional mechanisms.